Hi Andreas, i just took a look on your your work and I agree to Mathia[sz] thats a good start. I think of a debconf menu similar to the nss_ldap and openldap-client one's, that is asking you for your needs to build some ldifs from a base. I havn't tested your script, maybe its already doing this in your scripting way. That should be as system-compliant as possible, in the way it uses the given tools. Just my small opinion. Anyway, you did good work by collecting the information and building the different ldif's for the diferent purposes. Sometime when I search for some Information about OpenLDAP, its major pain in the ass to find anything useful on the net or on the mailing list that fits your needs. Hopefully, this is getting integrated to make the really interesting stuff of ldap a really useful stuff, even in small networks where the admin hasn't heard about central user/whatever management ever. Glad to see you active here. Bye, Benjamin. <div class="gmail_quote">On Wed, Apr 28, 2010 at 18:45, Andreas Hasenack <<a href="mailto:andreas@canonical.com">andreas@canonical.com</a>> wrote: <blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 <div class="im"> On 04/27/2010 04:47 PM, Roderick B. Greening wrote: > I second this. > > I am attempting (unsuccessfully) to get an Open LDAP setup so that I can > perform authentication across systems and services. > > It would be ideal if there were an easy way to setup LDAP and via some basic > questions, get you up an running. > > I'm all for helping out on such an endevour (from the "what I need it to do" > department and not the technical of LDAP.. which I am weak on). </div>Hi, I created openldap-dit. The goal of the openldap-dit project was never to create a set of tools to create users and other objects in the directory, but rather setup a basic tree, with reasonable default ACLs, on which new LDAP administrators could build on and have a starting place for whatever setup they wanted. I know trees can take many shapes and forms. It can surely be simplified by removing dns and dhcp, which are the most complex branches in there I think, specially since bind in ubuntu doesn't work with ldap so well. I also think that the move to cn=config made it more difficult, if not impossible, for people not familiar with ldap to get to a starting point, at least without something like a default dit with an admin and some basic ACLs. The DIT I created I think helps, and I would love to hear some feedback about people who tried to use it. I know some of its pain points, but without people complaining or using it I don't have much motivation to fix it. And I'm at fault with that, because I never exactly made it very public. - -- Andreas Hasenack <a href="mailto:andreas@canonical.com">andreas@canonical.com</a> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org/" target="_blank">http://enigmail.mozdev.org/</a> iEYEARECAAYFAkvYZjMACgkQeEJZs/PdwpCkpgCfeK46PCXwtBcax3bSJEIbsbO/ tjIAoMim4vfjAuiIu97eOCKGChTktTZh =aJi9 -----END PGP SIGNATURE----- <div><div></div><div class="h5"> -- ubuntu-server mailing list <a href="mailto:ubuntu-server@lists.ubuntu.com">ubuntu-server@lists.ubuntu.com</a> <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-server" target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-server</a> More info: <a href="https://wiki.ubuntu.com/ServerTeam" target="_blank">https://wiki.ubuntu.com/ServerTeam</a> </div></div></blockquote></div> -- To be or not to be -- Shakespeare | To do is to be -- Nietzsche | To be is to do -- Sartre | Do be do be do -- Sinatra <div style="visibility: hidden; display: inline;" id="avg_ls_inline_popup"></div><style type="text/css">#avg_ls_inline_popup { position:absolute; z-index:9999; padding: 0px 0px; margin-left: 0px; margin-top: 0px; width: 240px; overflow: hidden; word-wrap: break-word; color: black; font-size: 10px; text-align: left; line-height: 13px;}</style>